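<?php
/*
 * Request bootstrap. session_start() and header() both have to send HTTP
 * headers, which is only possible before any output. That is why this runs
 * ahead of the DOCTYPE, and why nothing (not even a UTF-8 byte-order mark)
 * may precede the opening tag of this file.
 */
session_start();

// The category id from the query string is later placed into SQL, a URL and
// inline script on this page. Accept only a plain run of digits here and send
// everything else back to the category listing.
// NOTE(review): assumes category ids are non-negative integers (the category
// query compares id against an unquoted value) - confirm against the schema.
if (!isset($_GET["id"]) || !is_string($_GET["id"]) || !preg_match('/\A[0-9]+\z/', $_GET["id"])) {
    header("Location: browse.php");
    exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>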
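<?php
/*
 * Page controller: loads the requested category and its products into
 * $catName, $catDescription and $prodArray for the markup below, and works
 * out the active sort column and direction ($sortField, $sortOrder).
 *
 * siteName.php and dbInc.php are not visible here; they are expected to
 * define $siteName, the connection settings, the table names and
 * $currencySymbol used below.
 *
 * NOTE(review): this block sits inside <head>, after markup has already been
 * written, so the header() redirects below only take effect when output
 * buffering is enabled. Moving the lookup above the DOCTYPE would remove
 * that dependency.
 */
include("siteName.php");

// Welcome banner template. This page does not appear to print it.
// NOTE(review): the session user name is concatenated without HTML encoding;
// pass it through htmlspecialchars() before this string is ever echoed.
$sOut = "<p>Welcome to the " . $siteName . " site";
if (isset($_SESSION["uName"])) {
    $sOut .= ", " . $_SESSION["uName"];
}
$sOut .= "<br />Below are the products that fall under the '%s' category.</p>";

require("dbInc.php");

$catName = "";
$catDescription = "";
$sortField = "vName";
$sortOrder = "ASC";
$prodArray = array();

// ORDER BY takes an identifier and a keyword. Neither can be bound as a
// statement parameter, and string escaping does not protect them because no
// quotes surround them. Only the two columns offered by the table header
// links and the two literal directions are accepted; anything else keeps the
// defaults set above.
$allowedSortFields = array("vName", "fPrice");
if (isset($_POST["hidSortField"]) && in_array($_POST["hidSortField"], $allowedSortFields, true)) {
    $sortField = $_POST["hidSortField"];
    if (isset($_POST["hidSortOrder"]) && $_POST["hidSortOrder"] === "DESC") {
        $sortOrder = "DESC";
    }
}//end of handle sort change

// The category id is compared against a numeric column, so it must be a plain
// run of digits. Escaping alone is not enough for a value used without quotes.
$catID = null;
if (isset($_GET["id"]) && is_string($_GET["id"]) && preg_match('/\A[0-9]+\z/', $_GET["id"])) {
    $catID = (int) $_GET["id"];
}
if ($catID === null) {
    header("Location: browse.php");
    exit();
}

$mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);
if ($mysqliObj->connect_errno) {
    // Keep the detail in the server log only; the visitor just goes back to the listing.
    error_log("Category page: database connection failed: " . $mysqliObj->connect_error);
    header("Location: browse.php");
    exit();
}

// Table names come from dbInc.php (site configuration) and cannot be bound,
// so they stay in the format string; the id is sent as a bound integer.
$catFound = false;
$stmt = $mysqliObj->prepare(sprintf("select vCatName, vCatDescription from %s where id = ?", $tableCats));
if ($stmt) {
    $stmt->bind_param("i", $catID);
    $stmt->execute();
    $stmt->bind_result($dbCatName, $dbCatDescription);
    $catFound = ($stmt->fetch() === true);
    $stmt->close();
} else {
    error_log("Category page: category lookup failed: " . $mysqliObj->error);
}

if ($catFound) {
    $catName = $dbCatName;
    // Stored text may contain backslash-escaped apostrophes; undo that for display.
    $catDescription = str_replace("\'", "'", (string) $dbCatDescription);
} else {
    $mysqliObj->close();
    header("Location: browse.php");
    exit();
}//end of retrieving catName

// $sortField and $sortOrder can only hold the allow-listed values chosen above.
$stmt = $mysqliObj->prepare(sprintf(
    "select id, vName, vDescription, fPrice, vURLs from %s where iCatID = ? order by %s %s",
    $tableProducts,
    $sortField,
    $sortOrder
));
if ($stmt) {
    $stmt->bind_param("i", $catID);
    $stmt->execute();
    $stmt->bind_result($prodID, $prodName, $prodDescription, $prodPrice, $prodURLs);
    while ($stmt->fetch()) {
        // Price is shown with two decimals, prefixed by the configured currency symbol.
        $productPrice = $currencySymbol . sprintf("%1\$.2f", floatval($prodPrice));
        $prodArray[] = array(
            "id" => $prodID,
            "vName" => $prodName,
            "vDescription" => str_replace("\'", "'", (string) $prodDescription),
            "fPrice" => $productPrice,
            "vURLs" => $prodURLs,
        );
    }//end of looping through data rows
    $stmt->close();
} else {
    error_log("Category page: product lookup failed: " . $mysqliObj->error);
}
$mysqliObj->close();
?>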
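<?php /* The category name is database content, so it is HTML-encoded on output. $siteName is site configuration and is printed as configured. */ ?>
<title><?php echo $siteName; ?> - Product listing - <?php echo htmlspecialchars($catName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></title>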
<link type="text/css" rel="stylesheet" href="styles.css" />
<script type="text/javascript" language="javascript">
function changeSort(sortField) {
    // Clicking the column that is already active flips ASC to DESC (and any
    // other direction back to ASC); picking a different column starts at ASC.
    // The choice is written to the hidden inputs and the sort form is posted.
    var fieldInput = document.getElementById("hidSortField");
    var orderInput = document.getElementById("hidSortOrder");
    var sameColumn = fieldInput.value == sortField;

    orderInput.value = (sameColumn && orderInput.value == "ASC") ? "DESC" : "ASC";
    fieldInput.value = sortField;
    document.getElementById("frmSort").submit();
}//end of changeSort function

function showProduct(prodID) {
var pURL = "<?php echo sprintf('product.php?catid=%s&id=', $_GET['id']); ?>" + prodID;
var win=window.open(pURL,'productDetail');
}//end of showProduct function
</script>
</head>
<body>
<iframe name="logoFrame" id="logoFrame" src="logo.htm" border="0" height="120" align="top" frameborder="0" marginheight="0" width="100%" scrolling="no">
<a href="http://www.blindza.co.za/" target="_blank">
<img src="logo/blindza_logo_smaller46.jpg" alt="blindZA.co.za logo - white text on black background, with white border - and red braille version hovering in front of normal text" width="317" height="103" border="0" />
</a>
</iframe>
<a href="browse.php">Back to category listing</a>
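<?php /* The category name is database content, so it is HTML-encoded on output. $siteName is site configuration and is printed as configured. */ ?>
<h2><?php echo $siteName; ?> - Product listing - <?php echo htmlspecialchars($catName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></h2>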
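<?php
// Renders the category description followed by the product table, or a
// notice when the category has no products. Text that comes from the database
// is HTML-encoded at the point of output so stored markup cannot run in the
// visitor's browser.
if (strlen(trim($catDescription)) > 0) {
    // Encode first, then turn line breaks into <br /> so the inserted tags survive.
    $descriptionHtml = htmlspecialchars(trim($catDescription), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<p>" . str_replace("\n", "<br />\n", $descriptionHtml) . "</p>\n";
}//end of checking trimmed length of catDescription
if (count($prodArray) > 0) {
?>
<table>
<tr>
<th><a onclick="changeSort('vName');">Product name</a></th>
<th>Product description</th>
<th><a onclick="changeSort('fPrice');">Price</a></th>
</tr>
<?php
    // The id goes into an inline script call as a bare number, so it is forced to an integer (%d).
    // fPrice is the configured currency symbol plus a formatted number built by this page, so it is
    // printed as is (the symbol may itself be an HTML entity - NOTE(review): confirm).
    $sOut = "<tr>\n<td valign='top'><a onclick='showProduct(%d);'>%s</a></td><td>%s</td><td align='right'>%s</td>\n</tr>\n";
    foreach ($prodArray as $product) {
        echo sprintf(
            $sOut,
            $product["id"],
            htmlspecialchars($product["vName"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
            htmlspecialchars($product["vDescription"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
            $product["fPrice"]
        );
    }//end of looping through products
?>
</table>
<?php
} else {
    echo "<p class='error'>No products to display in this category</p>\n";
}//end of making sure there are products to display
?>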
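<?php /* Hidden sort form posted by changeSort(). The id comes from the query string and the sort values may come from a previous POST, so each is encoded for its context: URL-encoding for the query parameter, HTML attribute encoding for the input values. */ ?>
<form action="cat.php?id=<?php echo rawurlencode(is_scalar($_GET['id']) ? (string) $_GET['id'] : ''); ?>" method="post" enctype="multipart/form-data" id="frmSort">
<input type="hidden" name="hidSortField" id="hidSortField" value="<?php echo htmlspecialchars($sortField, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />
<input type="hidden" name="hidSortOrder" id="hidSortOrder" value="<?php echo htmlspecialchars($sortOrder, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />
</form>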
</body>
</html>
